Relationships Matter Series: A CISO’s Perspective on Reducing Vulnerabilities in the Cloud

Relationships Matter Series: A CISO’s Perspective on Reducing Vulnerabilities in the Cloud

We had the opportunity to interview Rich Noguera, the recently appointed VP of Security Services here at vArmour, and formerly the CISO of Yapstone and first CISO at Gap, Inc., to find out more from a CISO’s perspective on how to reduce vulnerabilities in the cloud.

For all the CISOs out there, or any security practitioner for that matter, you’ll find this conversation informative and applicable as your organization transitions to cloud.  Rich specifically discusses how to identify cloud risks, including the importance of:

    • Reducing the threat/attack surface
    • Determining who/what applications are talking to & what is connected to critical assets
    • Prioritizing security actions based on asset proximity to sensitive/critical systems
    • Understanding the blast radius of a security incident

Watch the 3 minute interview here, or see below for the text version of the interview.

 

* * *

Q. As a CISO, what have you found to be the most difficult problem in securing your cloud platforms?

RN: First and foremost, understanding and managing risk in your environment is absolutely key to reducing vulnerabilities in your cloud surface and thus reducing the threat/attack surface. However, in order to do this, you must first understand the application relationships in your multi-cloud environment.

The challenge for me was getting a grasp of a native cloud environment at a small Fintech (Yapstone) and the new to cloud environment global large enterprise (Gap). The most difficult problem stemming from that challenge was being able to identify and prioritize which applications mattered, which I based on the number of connections they had and the volume of data those moved.

Q. You say that identifying and prioritizing application relationships is important. Why?

RN: Understanding application relationships in the modern cloud environment is crucial to effectively managing risk. Being able to intuitively see the threat/attack surface accelerates prioritization of vulnerability management and security monitoring within the environment.

You must be able to determine who and what applications are talking to, what and how much data they are sharing between them, and which systems are ‘in the neighborhood’ of those to effectively manage risk in your environment.

Q. Can you elaborate on the importance of being able to visualize the threat/attack surface?

RN: In order to secure application relationships, identifying assets at risk and understanding your full blast radius is critical to security operations, and a CISO must have complete visibility of their environment to fully understand and effectively minimize those risks.

Application relationships matter when it comes to cloud, and security teams are facing increasingly complex scenarios as they look to protect their data across hybrid and multi-cloud environments. Considering the exponential rise in open source code use and integration with third-party services, the cloud threat surface has become exceedingly difficult to understand. Compounding that is the high demand for cybersecurity talent with high expectations of CloudSecOps or DevOpsSec experience - which just isn’t there yet.

Q. How is vArmour making it easy for CISOs to identify risk in the cloud?

RN: In order to fully secure your applications, you need to have a deep and rich understanding of relationships. Whether your cloud surface is public, private, or hybrid, vArmour makes it simple to understand what applications at what workload level are talking to what, where and at what volumes so that a CISO or his/her team can respond and act correctly and quickly. 

Moreover, Security Graph provides you with the ability to model and better understand the relationship based risks to your applications and your business. In environments with thousands of workloads, and potentially millions of active application-to-application relationships, the ability to visualize this information enables intuitive security decisioning based on connectivity and data transfer volumes.

I’m excited to join the team at vArmour to help customers leverage the full potential of our Security Graph capabilities to identify and navigate through the security challenges inherent to  digital transformation. I am also excited about enabling my peers with the ability to visualize application stacks so that security and compliance risks can then be acted on to strengthen their cloud security stance.

 * * *

If you want to connect with Rich to discuss identifying risk in your cloud, send a note here to schedule a meeting, or to see how the Application Controller can visualize application relationships in your cloud, download a free trial

Stay tuned for our next episode on how vAmour expedites the Incident Response process with application visibility.

More about Rich Noguera, VP Security Services, vArmour

In addition to being CISO at Yapstone and Gap, Rich held leadership and operational positions at Accenture, Yahoo!, Symantec, McAfee, and Deloitte & Touche LLP. Moreover, as an active proponent of threat intelligence exchange, Rich helped establish the Retail & Hospitality Cyber Information Sharing Center as a founding Board member, and was an active member of the Advanced Persistent Threat Group of the Bay Area CISOs Group.